package com.offcn.config;

import com.alibaba.dubbo.config.annotation.Reference;
import com.offcn.handler.*;
import com.offcn.service.MyUserDetailsService;
import com.offcn.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.AuthenticationEntryPoint;

/**
 * @Author: wy
 * @Date: 2022/9/7 09:30
 */
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    /*
      下面都是 返回信息的
       */
    //处理——登录失败
    @Autowired
    private SecurityAuthenticationFailureHandler authenticationFailureHandler;

    //处理——登录成功提示信息
    @Autowired
    private SecuritySimpleUrlAuthenticationSuccessHandler simpleUrlAuthenticationSuccessHandler;

    //处理——
    @Autowired
    private AuthenticationEntryPoint authenticationEntryPoint;

    //处理——登陆成功没有权限访问
    @Autowired
    private SecurityAccessDeniedHandler accessDeniedHandler;

    //处理——退出成功
    @Autowired
    private SecurityLogoutSuccessHandler logoutSuccessHandler;

    //处理——匿名没有权限访问
    @Autowired
    private AuthenticationEntryPointHandler authenticationEntryPointHandler;

    @Autowired
    private MyUserDetailsService userDetailsService;

//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//        http.headers().frameOptions().sameOrigin();
//    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(password());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin()    //自定义编写登录页面
                .loginPage("/login/index.html") //指定登录页面的地址
                .loginProcessingUrl("/login") //登录访问地址，也就是登录表单的action值
                .successHandler(simpleUrlAuthenticationSuccessHandler)//登录成功操作
                //.defaultSuccessUrl("/home.html").permitAll() //登录成功后的跳转路径
                //登录失败操作
                .failureHandler(authenticationFailureHandler).permitAll()
                .and() //再次得到HttpSecurity对象
                .authorizeRequests() //配置设置拦截所有的请求
                //配置没有认证就可以放行的请求(‘/’为项目根路径)
                //放行‘/’跟路径下的/hello/test02和/hello/test03请求
                .antMatchers("/main/css/**", "/main/img/**", "/main/js/**",
                        "/login/loginstyle/**", "/main/plugins/**", "/img/**")
                .permitAll()

                .anyRequest().authenticated()//配置任何请求都需要身份认证(处理antMatchers中的路径)
                .and().exceptionHandling() //异常处理配置
                //配置匿名访问无权限返回提示信息
                .authenticationEntryPoint(authenticationEntryPoint)
                //配置认证用户无权访问返回提示信息
                .accessDeniedHandler(accessDeniedHandler)
                .and().logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler)
                .and().csrf().disable().headers().frameOptions().sameOrigin();//关闭crsf防护
    }


    //创建密码加密器，获取前台密码的时候进行加密
    @Bean
    public PasswordEncoder password() {
        return new BCryptPasswordEncoder();
    }
}




